NMCI's architecture paying off

The Navy's plan to use a public-key infrastructure for logical access, and the upcoming transition to IP Version 6, are direct results of the enterprise architecture work started about two years ago.

Even with its much-talked-about and somewhat successful Navy-Marine Corps Intranet project leading the way, Navy IT officials decided they needed to better plot a course on how their network would support the assortment of up-and-coming technologies, including PKI and IPv6.

View to the future

'We worked with EDS and all their subvendors to develop a 'to be' architecture so we would understand how things would evolve,' said Col. Robert Baker, NMCI's technical director. 'We look out to the 2011 time frame to reach that goal, but some vendors have EAs that go beyond that time frame.'

The Navy follows the Defense Department's Architecture Framework and matches up with the Federal Enterprise Architecture, which the Office of Management and Budget is developing.

While most NMCI users don't know the exact reason they have to use their Common Access Card to log onto their computers, Baker points back to the EA as the reason the Navy and Marine Corps were among the few military agencies that met the July 31 deadline to enable their infrastructure for PKI.

'We enforced 700,000 users accounts in the time frame [laid out by the Defense Information Systems Agency],' Baker said. 'We were able to do that because we have a consistent server configuration on our domain controller, which is the way users authenticate to log on.'

NMCI installed Tumbleweed Valicert Validation Authority from Tumbleweed Communications Corp. of Redwood City, Calif., to meet the PKI deadline with about a week to spare. Baker said the Navy and Marine Corps implemented the software a little bit at a time to make it manageable.

The EA also let the Navy and Marine Corps more easily push security patches to the network and desktops. Baker said that, since the architecture details the backbone and systems connected to it, ensuring security patches are up to date is fairly straightforward.

He said the EA also will play a significant role as NMCI moves to IPv6 and begins using grid computing.

OMB has set a June 2008 deadline for the network backbone to move to IPv6, and many agencies are struggling with how to meet that deadline. But Baker expects NMCI's infrastructure to be compliant because officials understand the types of hardware and software connected to the network.

'Many devices already are IPv6 ready, but the fundamental problem is the applications,' he said. 'We are working with EDS to scope the project to make sure we meet the deadline.'

NMCI officials plan to upgrade their storage infrastructure over the next few years. Part of that is moving toward grid computing, which lets users tap computer processing power and large databases over networks without having to know the configuration of each individual system.

Coming soon

'We have a lot of Oracle 10g [database management software], so a lot of application back ends can do grid computing,' Baker said. 'But until we have a consistent infrastructure, some applications will not be able to take advantage of it.'

Baker added that EDS is starting to upgrade the storage infrastructure to take advantage of grid computing starting this year and continuing into next year.